﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class admin_admin_login : System.Web.UI.Page
{
    // 声明成员属性
    Random r = new Random();
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            // 生成验证码
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
        }
    }
    protected void Button1_ServerClick(object sender, EventArgs e)
    {



        // 用户名判断逻辑
        string username = txtUser.Value.Trim();
        if (username.Equals(""))
        {
            Response.Write("<script>alert(\"用户名不能为空\");</script>");
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
            return;
        }
        // 密码判断逻辑
        string password = txtPwd.Value.Trim();
        if (password.Equals(""))
        {
            Response.Write("<script>alert(\"密码不能为空\");</script>");
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
            return;
        }
        // 验证码判断逻辑
        string txtVeriCode = txtVerifyCode.Value.Trim();
        if (txtVeriCode.Equals(""))
        {
            Response.Write("<script>alert(\"验证码不能为空\");</script>");
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
            return;
        }
        string veriCode = txtCode.Text;
        
        if (!veriCode.Equals(txtVeriCode))
        {
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
            return;
        }

        string myOption = RadioButtonList1.SelectedItem.Value;


        //const string strSql = "select * from admin where adminname = @username and password = @password";
        //Parameters parms = new Parameters("@username", DbType.String, username);
        //Parameters parms = new Parameters("@password", DbType.String, password);

        username = username.Replace("'", "''");
        password = password.Replace("'", "''");
        username = username.Replace("--", "''");
        password = password.Replace("--", "''");

        DataSet result = DBHelper.sqlMethod("select * from admin where adminname = '"+username+"' and password = '"+password+"'");
        //DataSet result = DBHelper.sqlMethod(strSql);
        if (result.Tables[0].Rows.Count > 0)
        {
            Session["username"] = username;
            Session["pwd"] = password;

            switch (myOption)
            {
                case "1":
                    Response.Redirect("admin/admin_changepwd.aspx");
                    break;
                case "2":
                    Response.Redirect("admin/admin_add.aspx");
                    break;
                case "3":
                    Response.Redirect("admin/admin_del.aspx");
                    break;
            }
            Response.Write("<script>alert(\"登录成功\");</script>");
        }
        else {
            Response.Write("<script>alert(\"密码错误\");</script>");
            string verifiCode = r.Next(1000, 10000).ToString();
            txtCode.Text = verifiCode;
        }
    }

}
